Hackers don’t take a break over the festive season – Pay or don’t pay? How to respond to ransomware…

As the number of hacks and cyber attacks
continues to rise, protecting the systems and data your business relies on is
more important than ever. An increasingly common type of cyber attack is
ransomware, which can have an instant financial impact as well as long-term
consequences for the infected business.

The concept behind ransomware is simple.
Hackers encrypt all the files, folders and drives on a device and then demand a
ransom before they will restore them.

Ransomware is cheap to deploy and widespread,
so even if only a few victims pay, attackers will likely make a handsome
profit. As such, cyber criminals attacking in this way will typically take a
“scattergun” approach in targeting their victims.

Being attacked by a ransomware hacker is
financially damaging for a business, and if it’s handled badly, the damage to
your company’s reputation can be irreparable.

Here’s what to do if your business is
attacked:

Identify the weakness: Ransomware most often
gets into a system through a malicious link or email attachment. In most cases
it will only affect the device it was opened on. However, in some cases the
entire system can end up infected.

The first step after an attack is to find the
device that was infected first and work out if other suspicious emails have
been opened on other devices. The sooner you find the source, the quicker you
can act.

Disconnect your device: After infiltrating
one device, ransomware can spread quickly through the network. So it’s
important to remove the infected machine from the office network.

Notify the authorities: It’s important to
notify the relevant authorities of a breach as soon as possible. But be aware
that Australian laws are ineffective when the perpetrator resides in
another country. Checking the Australian Police website, www.afp.gov.au/cybercrime, will tell you that unless your attacker is operating
from within the country, the police can’t really help you. And if you have
business contacts of any kind in the European Union, you must inform the EU
Information Commissioner’s Office within 72 hours, or face a significant fine.

Inform employees and customers: It’s
important to be transparent in the event of a breach. Employees should be made
aware of it immediately, and of the actions that you are taking to resolve it. You
should also let your customers know that their data may have been compromised
in a ransomware attack. Customers will respond better to your business if they
hear this news from you, rather than from the media.

Update your security: Once the incident has
been resolved, it’s important to audit and update your IT systems. This can be
a bit of a financial investment, but it’s important to ensure your data and
company reputation stay intact.

Don’t pay the ransom: A few years ago the
number of ransomware attacks increased as cyber criminals realised a lot of
people were paying up, and that they could make a significant amount
of money for little effort. Worryingly, research found that one-third of
companies believed it’s more cost-effective to pay the ransom than to invest in
a security system!

Be prepared: Before it happens to you, set up
systems to repel online intruders and safeguard your IT security. Have a plan
in place detailing the procedures you will follow in the event that your business
is attacked by hackers.

We’re no strangers to the subject of
cybercrime, and we will always be happy to share our knowledge with you. Talk
to us about your cyber weak spots and ways we can help you protect your
business and – if the worst happens – how we can help you with one of the
growing number of cyber insurance policies that are available now in the
market.

Cyber insurance can cover ransomware as well
as many other potential attacks on your business IT and systems. Better an
ounce of prevention than a world of pain.